Colonial Pipeline and Ransomware: The Kalashnikov of 2021

In this episode of Cybersecurity (Marketing) Unplugged, Kellermann also discusses:

  • The vulnerability of U.S. energy infrastructure;
  • The geopolitical motivations behind the attack;
  • What Colonial Pipeline should do now to mitigate the damage.

Tom Kellermann is the head of cybersecurity strategy for VMware. Prior to this role, Kellermann was the chief cybersecurity officer for Carbon Black. Tom serves as the Wilson Center’s Global Fellow for Cybersecurity Policy and sits on the Technology Executive Council for CNBC.

Kellermann previously held the positions CEO and founder of Strategic Cyber Ventures; chief cybersecurity officer for Trend Micro; vice president of security for Core Security; and deputy CISO for the World Bank Treasury.

In 2008, Kellermann was appointed a commissioner on the Commission on Cybersecurity for the 44th President of the United States. In 2003 he co-authored the book, Electronic Safety and Soundness: Securing Finance in a New Age.

From 2007-2015 Kellermann taught a course on cybercrime as an adjunct professor at American University’s School of International Service and Kogod School of Business, where he also earned his Master’s degree in International Politics.

In an effort to adapt and update technologies in order to improve business continuity, many have in fact exacerbated the cyber attack surface leaving room for cybercriminal cartels like DarkSide to infiltrate and wreak havoc, as is the case with the Colonial Pipeline attack. This is oversight along with the geopolitical motivations of many of the cybercrime gangs can unravel some of the reasoning behind why and how the attack occurred. As Kellermann explains:

When you look at traditional cybercrime, or this ransomware as a service phenomenon, or some of the most regrettable facets of the dark web economy, it is all organized. And it is all protected by nation-states, and typically nation-states that used to be a part of the Soviet bloc.